dhclient does not strip or escape shell meta-characters
Bug #753580 reported by
Dmitry
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dhcp3 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
dhclient doesn't strip or escape certain shell meta-characters in dhcpd responses, allowing a rogue server or party with with escalated privileges on the server to cause remote code execution on the client.
See also: http://
Updated for this were released today.
See USN-1108-1.